More BitLockery.....

More BitLockery.....

Raul commented on my previous BitLocker Post with a question that I felt compelled to make into a post.

"I had a quick question about the key for BitLocker to unlock your computer, when you have it on your flash drive, if you make it a hidden folder can the computer still read it and log you into your computer without it locking you out?"

The Bitlocker key is not in a folder on the USB drive, it is in the root. However, the file itself can be marked as hidden. If you do this though, it can not be read during startup and you will not have access to the drive. You would then need to put the USB memory stick into another machine, mark the key file as *NOT* hidden, then unlock the original machine. I verified this by testing it out on my demo machine.

I seem to recall someone asking me if it was ok to mark the key file as READ ONLY. In fact, when BitlLocker prompts you to write the key to the USB device, that file is actually marked as read only. This provides basic protection against someone opening the file, accidentally hitting a random keystroke or the delete key and munging the BitLocker key. Though it is simple enough to remove the read only flag and make changes. Don't do it.